activemerchant 1.56.0 → 1.66.0

data/lib/active_merchant/billing/gateways/mercury.rb

@@ -12,7 +12,7 @@ module ActiveMerchant #:nodoc:
     # and +refund+ will become mandatory.
     class MercuryGateway < Gateway
       URLS = {
-        :test => 'https://w1.mercurydev.net/ws/ws.asmx',
+        :test => 'https://w1.mercurycert.net/ws/ws.asmx',
         :live => 'https://w1.mercurypay.com/ws/ws.asmx'
       }
 
@@ -197,12 +197,20 @@ module ActiveMerchant #:nodoc:
           if credit_card.track_data.present?
             # Track 1 has a start sentinel (STX) of '%' and track 2 is ';'
             # Track 1 and 2 have identical end sentinels (ETX) of '?'
+            # Tracks may or may not have checksum (LRC) after the ETX
             # If the track has no STX or is corrupt, we send it as track 1, to let Mercury
             #handle with the validation error as it sees fit.
-            # Track 2 requires having the start and end sentinels stripped. Track 1 does not.
-            if credit_card.track_data[0] == ';' # track 2 start sentinel (STX)
-              xml.tag! 'Track2', credit_card.track_data[1..-2]
-            else # track 1 or a corrupt track
+            # Track 2 requires having the STX and ETX stripped. Track 1 does not.
+            # Max-length track 1s require having the STX and ETX stripped. Max is 79 bytes including LRC.
+            is_track_2 = credit_card.track_data[0] == ';'
+            etx_index = credit_card.track_data.rindex('?') || credit_card.track_data.length
+            is_max_track1 = etx_index >= 77
+
+            if is_track_2
+              xml.tag! 'Track2', credit_card.track_data[1...etx_index]
+            elsif is_max_track1
+              xml.tag! 'Track1', credit_card.track_data[1...etx_index]
+            else
               xml.tag! 'Track1', credit_card.track_data
             end
           else

data/lib/active_merchant/billing/gateways/metrics_global.rb

@@ -218,7 +218,7 @@ module ActiveMerchant #:nodoc:
         post[:delim_data]     = "TRUE"
         post[:delim_char]     = ","
         post[:encap_char]     = "$"
-        post[:solution_ID]    = application_id if application_id.present? && application_id != "ActiveMerchant"
+        post[:solution_ID]    = application_id if application_id
 
         request = post.merge(parameters).collect { |key, value| "x_#{key}=#{CGI.escape(value.to_s)}" }.join("&")
         request

data/lib/active_merchant/billing/gateways/migs.rb

@@ -25,6 +25,7 @@ module ActiveMerchant #:nodoc:
       self.supported_cardtypes = [:visa, :master, :american_express, :diners_club, :jcb]
 
       self.money_format = :cents
+      self.currencies_without_fractions = %w(IDR)
 
       # The homepage URL of the gateway
       self.homepage_url = 'http://mastercard.com/mastercardsps'
@@ -63,6 +64,7 @@ module ActiveMerchant #:nodoc:
         add_invoice(post, options)
         add_creditcard(post, creditcard)
         add_standard_parameters('pay', post, options[:unique_id])
+        add_3ds(post, options)
 
         commit(post)
       end
@@ -103,6 +105,17 @@ module ActiveMerchant #:nodoc:
         commit(post)
       end
 
+      def void(authorization, options = {})
+        requires!(@options, :advanced_login, :advanced_password)
+
+        post = options.merge(:TransNo => authorization)
+
+        add_advanced_user(post)
+        add_standard_parameters('voidAuthorisation', post, options[:unique_id])
+
+        commit(post)
+      end
+
       def credit(money, authorization, options = {})
         ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
         refund(money, authorization, options)
@@ -189,7 +202,7 @@ module ActiveMerchant #:nodoc:
       private
 
       def add_amount(post, money, options)
-        post[:Amount] = amount(money)
+        post[:Amount] = localized_amount(money, options[:currency])
         post[:Currency] = options[:currency] if options[:currency]
       end
 
@@ -202,6 +215,15 @@ module ActiveMerchant #:nodoc:
         post[:OrderInfo] = options[:order_id]
       end
 
+      def add_3ds(post, options)
+        post[:VerType] = options[:ver_type] if options[:ver_type]
+        post[:VerToken] = options[:ver_token] if options[:ver_token]
+        post["3DSXID"] = options[:three_ds_xid] if options[:three_ds_xid]
+        post["3DSECI"] = options[:three_ds_eci] if options[:three_ds_eci]
+        post["3DSenrolled"] = options[:three_ds_enrolled] if options[:three_ds_enrolled]
+        post["3DSstatus"] = options[:three_ds_status] if options[:three_ds_status]
+      end
+
       def add_creditcard(post, creditcard)
         post[:CardNum] = creditcard.number
         post[:CardSecurityCode] = creditcard.verification_value if creditcard.verification_value?

data/lib/active_merchant/billing/gateways/monei.rb

@@ -14,7 +14,7 @@ module ActiveMerchant #:nodoc:
       self.test_url = 'https://test.monei-api.net/payment/ctpe'
       self.live_url = 'https://monei-api.net/payment/ctpe'
 
-      self.supported_countries = ['ES']
+      self.supported_countries = ['AD', 'AT', 'BE', 'BG', 'CA', 'CH', 'CY', 'CZ', 'DE', 'DK', 'EE', 'ES', 'FI', 'FO', 'FR', 'GB', 'GI', 'GR', 'HU', 'IE', 'IL', 'IS', 'IT', 'LI', 'LT', 'LU', 'LV', 'MT', 'NL', 'NO', 'PL', 'PT', 'RO', 'SE', 'SI', 'SK', 'TR', 'US', 'VA']
       self.default_currency = 'EUR'
       self.supported_cardtypes = [:visa, :master, :maestro, :jcb, :american_express]
 

data/lib/active_merchant/billing/gateways/moneris.rb

@@ -53,7 +53,7 @@ module ActiveMerchant #:nodoc:
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
         action = if post[:cavv]
           'cavv_preauth'
-        elsif post[:data_key].blank? 
+        elsif post[:data_key].blank?
           'preauth'
         else
           'res_preauth_cc'
@@ -132,6 +132,13 @@ module ActiveMerchant #:nodoc:
         commit 'refund', crediting_params(authorization, :amount => amount(money))
       end
 
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
       def store(credit_card, options = {})
         post = {}
         post[:pan] = credit_card.number
@@ -155,6 +162,19 @@ module ActiveMerchant #:nodoc:
         commit('res_update_cc', post)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<store_id>).+(</store_id>)), '\1[FILTERED]\2').
+          gsub(%r((<api_token>).+(</api_token>)), '\1[FILTERED]\2').
+          gsub(%r((<pan>).+(</pan>)), '\1[FILTERED]\2').
+          gsub(%r((<cvd_value>).+(</cvd_value>)), '\1[FILTERED]\2').
+          gsub(%r((<cavv>).+(</cavv>)), '\1[FILTERED]\2')
+      end
+
       private # :nodoc: all
 
       def expdate(creditcard)

data/lib/active_merchant/billing/gateways/nab_transact.rb

@@ -79,6 +79,18 @@ module ActiveMerchant #:nodoc:
         commit_periodic(:deletecrn, build_unstore_request(identification, options))
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        return "" if transcript.blank?
+        transcript.
+          gsub(%r((<cardNumber>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<cvv>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<password>)[^<]+(<))i, '\1[FILTERED]\2')
+      end
+
       private
 
       def add_metadata(xml, options)

data/lib/active_merchant/billing/gateways/ncr_secure_pay.rb

@@ -0,0 +1,165 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class NcrSecurePayGateway < Gateway
+      self.test_url = 'https://testbox.monetra.com:8665/'
+      self.live_url = 'https://portal.ncrsecurepay.com:8444/'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+
+      self.homepage_url = 'http://www.ncrretailonline.com'
+      self.display_name = 'NCR Secure Pay'
+
+      def initialize(options={})
+        requires!(options, :username, :password)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+
+        commit('sale', post)
+      end
+
+      def authorize(money, payment, options={})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+
+        commit('preauth', post)
+      end
+
+      def capture(money, authorization, options={})
+        post = {}
+        add_reference(post, authorization)
+        add_invoice(post, money, options)
+
+        commit('preauthcomplete', post)
+      end
+
+      def refund(money, authorization, options={})
+        post = {}
+        add_reference(post, authorization)
+        add_invoice(post, money, options)
+
+        commit('credit', post)
+      end
+
+      def void(authorization, options={})
+        post = {}
+        add_reference(post, authorization)
+        commit('void', post)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.gsub(%r((<password>)[^<]*(</password>))i, '\1[FILTERED]\2').
+          gsub(%r((<account>)[^<]*(</account>))i, '\1[FILTERED]\2').
+          gsub(%r((<cv>)[^<]*(</cv>))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def add_reference(post, reference)
+        post[:ttid] = reference
+      end
+
+      def add_address(post, payment, options)
+        address = options[:billing_address] || options[:address]
+        post[:zip] = address[:zip]
+        post[:street] = address[:address1]
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+        post[:currency] = (options[:currency] || currency(money))
+        post[:descmerch] = options[:merchant] if options[:merchant]
+        post[:ordernum] = options[:order_id] if options[:order_id]
+        post[:comments] = options[:description] if options[:description]
+      end
+
+      def add_payment(post, payment)
+        post[:cardholdername] = payment.name
+        post[:account] = payment.number
+        post[:cv] = payment.verification_value
+        post[:expdate] = expdate(payment)
+      end
+
+      def parse(body)
+        doc = Nokogiri::XML(body)
+        doc.remove_namespaces!
+        response = doc.xpath("/MonetraResp/Resp")[0]
+        resp_params = {}
+
+        response.elements.each do |node|
+          resp_params[node.name.downcase.to_sym] = node.text
+        end
+        resp_params
+      end
+
+      def commit(action, parameters)
+        url = (test? ? test_url : live_url)
+        response = parse(ssl_post(url, request_body(action, parameters)))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def success_from(response)
+        response[:code] == "AUTH"
+      end
+
+      def message_from(response)
+        response[:verbiage]
+      end
+
+      def authorization_from(response)
+        response[:ttid]
+      end
+
+      def request_body(action, parameters = {})
+        Nokogiri::XML::Builder.new(:encoding => 'utf-8') do |xml|
+          xml.MonetraTrans do
+            xml.Trans(identifier: parameters.delete(:identifier) || "1") do
+              xml.username(options[:username])
+              xml.password(options[:password])
+              xml.action(action)
+              parameters.each do |name, value|
+                xml.send(name, value)
+              end
+            end
+          end
+        end.to_xml
+      end
+
+      def error_code_from(response)
+        unless success_from(response)
+          response[:msoft_code] || response[:phard_code]
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/netbanx.rb

@@ -0,0 +1,245 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class NetbanxGateway < Gateway
+      # Netbanx is the new REST based API for Optimal Payments / Paysafe
+      self.test_url = 'https://api.test.netbanx.com/'
+      self.live_url = 'https://api.netbanx.com/'
+
+      self.supported_countries = ['CA', 'US', 'GB']
+      self.default_currency = 'CAD'
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+      self.money_format = :cents
+
+      self.homepage_url = 'https://processing.paysafe.com/'
+      self.display_name = 'Netbanx by PaySafe'
+
+      STANDARD_ERROR_CODE_MAPPING = {}
+
+      def initialize(options={})
+        requires!(options, :account_number, :api_key)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        post = {}
+        add_invoice(post, money, options)
+        add_settle_with_auth(post)
+        add_payment(post, payment)
+
+        commit(:post, 'auths', post)
+      end
+
+      def authorize(money, payment, options={})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+
+        commit(:post, 'auths', post)
+      end
+
+      def capture(money, authorization, options={})
+        post = {}
+        add_invoice(post, money, options)
+
+        commit(:post, "auths/#{authorization}/settlements", post)
+      end
+
+      def refund(money, authorization, options={})
+        post = {}
+        add_invoice(post, money, options)
+
+        commit(:post, "settlements/#{authorization}/refunds", post)
+      end
+
+      def void(authorization, options={})
+        post = {}
+        add_order_id(post, options)
+
+        commit(:post, "auths/#{authorization}/voidauths", post)
+      end
+
+      def verify(credit_card, options={})
+        post = {}
+        add_payment(post, credit_card)
+        add_order_id(post, options)
+
+        commit(:post, 'verifications', post)
+      end
+
+      # note: when passing options[:customer] we only attempt to add the
+      #       card to the profile_id passed as the options[:customer]
+      def store(credit_card, options={})
+        # locale can only be one of en_US, fr_CA, en_GB
+        requires!(options, :locale)
+        post = {}
+        add_credit_card(post, credit_card, options)
+        add_customer_data(post, options)
+
+        commit(:post, 'customervault/v1/profiles', post)
+      end
+
+      def unstore(identification, options = {})
+        customer_id, card_id = identification.split('|')
+
+        if card_id.nil?
+          # deleting the profile
+          commit(:delete, "customervault/v1/profiles/#{CGI.escape(customer_id)}", nil)
+        else
+          # deleting the card from the profile
+          commit(:delete, "customervault/v1/profiles/#{CGI.escape(customer_id)}/cards/#{CGI.escape(card_id)}", nil)
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r(("card\\?":{\\?"cardNum\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\?":\\?")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_settle_with_auth(post)
+        post[:settleWithAuth] = true
+      end
+
+      def add_customer_data(post, options)
+        post[:merchantCustomerId] = (options[:merchant_customer_id] || SecureRandom.uuid)
+        post[:locale] = options[:locale]
+        # if options[:billing_address]
+        #   post[:address]  = map_address(options[:billing_address])
+        # end
+      end
+
+      def add_credit_card(post, credit_card, options = {})
+        post[:card] ||= {}
+        post[:card][:cardNum]    = credit_card.number
+        post[:card][:holderName] = credit_card.name
+        post[:card][:cvv]        = credit_card.verification_value
+        post[:card][:cardExpiry] = expdate(credit_card)
+        if options[:billing_address]
+          post[:card][:billingAddress]  = map_address(options[:billing_address])
+        end
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+        post[:currencyCode] = options[:currency] if options[:currency]
+        add_order_id(post, options)
+
+        if options[:billing_address]
+          post[:billingDetails]  = map_address(options[:billing_address])
+        end
+
+      end
+
+      def add_payment(post, credit_card_or_reference, options = {})
+        post[:card] ||= {}
+        if credit_card_or_reference.is_a?(String)
+          post[:card][:paymentToken] = credit_card_or_reference
+        else
+          post[:card][:cardNum]    = credit_card_or_reference.number
+          post[:card][:cvv]        = credit_card_or_reference.verification_value
+          post[:card][:cardExpiry] = expdate(credit_card_or_reference)
+        end
+      end
+
+      def expdate(credit_card)
+        year  = format(credit_card.year, :four_digits)
+        month = format(credit_card.month, :two_digits)
+
+        # returns a hash (necessary in the card JSON object)
+        { :month => month, :year => year }
+      end
+
+      def add_order_id(post, options)
+        post[:merchantRefNum] = (options[:order_id] || SecureRandom.uuid)
+      end
+
+      def map_address(address)
+        return {} if address.nil?
+        country = Country.find(address[:country]) if address[:country]
+        mapped = {
+          :street  => address[:address1],
+          :city    => address[:city],
+          :zip     => address[:zip],
+        }
+        mapped.merge!({:country => country.code(:alpha2).value}) unless country.blank?
+
+        mapped
+      end
+
+      def parse(body)
+        body.blank? ? {} : JSON.parse(body)
+      end
+
+      def commit(method, uri, parameters)
+        params = parameters.to_json unless parameters.nil?
+        response = begin
+          parse(ssl_request(method, get_url(uri), params, headers))
+        rescue ResponseError => e
+          return Response.new(false, 'Invalid Login') if(e.response.code == '401')
+          parse(e.response.body)
+        end
+
+        success = success_from(response)
+        Response.new(
+          success,
+          message_from(success, response),
+          response,
+          :test => test?,
+          :authorization => authorization_from(success, get_url(uri), method, response)
+        )
+      end
+
+      def get_url(uri)
+        url = (test? ? test_url : live_url)
+        if uri =~ /^customervault/
+          "#{url}#{uri}"
+        else
+          "#{url}cardpayments/v1/accounts/#{@options[:account_number]}/#{uri}"
+        end
+      end
+
+      def success_from(response)
+        response.blank? || !response.key?('error')
+      end
+
+      def message_from(success, response)
+        success ? 'OK' : (response['error']['message'] || "Unknown error - please contact Netbanx-Paysafe")
+      end
+
+      def authorization_from(success, url, method, response)
+        if success && response.present? && url.match(/cardpayments\/v1\/accounts\/.*\//)
+          response['id']
+        elsif method == :post && url.match(/customervault\/.*\//)
+          # auth for tokenised customer vault is returned as
+          # customer_profile_id|card_id|payment_method_token
+          #
+          # customer_profile_id is the uuid that identifies the customer
+          # card_id is the uuid that identifies the card
+          # payment_method_token is the token that needs to be used when
+          #                      calling purchase with a token
+          #
+          # both id's are used to unstore, the payment token is only used for
+          # purchase transactions
+          [response['id'], response['cards'].first['id'], response['cards'].first['paymentToken']].join("|")
+        end
+      end
+
+      # Builds the auth and U-A headers for the request
+      def headers
+        {
+          'Accept'        => 'application/json',
+          'Content-type'  => 'application/json',
+          'Authorization' => "Basic #{Base64.strict_encode64(@options[:api_key].to_s).strip}",
+          'User-Agent'    => "Netbanx-Paysafe v1.0/ActiveMerchant #{ActiveMerchant::VERSION}"
+        }
+      end
+    end
+  end
+end